The README documents it pretty well. I'm not planning to support it beyond pointing you to that.
Edit: Although I will say that once you run it, all you need to do is to make sure you've specified the realmlist you want, enter the account name you want to try to login to, and put in anything at all for the password. If the server is vulnerable, you'll be able to login no matter what password you type.